Presentation is loading. Please wait.

Presentation is loading. Please wait.

Organisational Factors and Australian IT Professionals’ Views of Wireless Network Vulnerability Assessments Keir Dyce Centre for Research in Computer Security.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Organisational Factors and Australian IT Professionals’ Views of Wireless Network Vulnerability Assessments Keir Dyce Centre for Research in Computer Security."— Presentation transcript:

1 Organisational Factors and Australian IT Professionals’ Views of Wireless Network Vulnerability Assessments Keir Dyce Centre for Research in Computer Security & Professor Mary Barrett School of Management and Marketing

2 Organisational culture: issues for computer security Professional Identity Sub-groups External and internal influences on culture Attitudes to risk Attitudes to surveillance ALL POTENTIALLY HAVE AN IMPACT ON WLAN SECURITY

3 Two approaches to wireless network vulnerability assessment Wireless monitoring (WM) Penetration testing (PT) No comprehensive framework for integrating the two approaches in an organisation’s security system

4 The study mail-out survey to Information Security Interest Group (ISIG), closed-ended and open-ended questions, frequencies only Topics covered: 1. the extent of use of WNVAs, (either or both wireless monitoring and penetration testing), 2. how IT professionals used WNVAs, and 3. their opinions about the two approaches

5 Results Modest response rate (62), but representative of ISIG (total ~400 members) 1 Use of VAs: Only ten (16 percent) used WM, three (5 percent) used PT. ‘Unnecessary’, ‘lack know-how’. Org’l culture suggests: ‘Wired view’ of security, senior management discomfort with idea of hacking Role of dominant culture and sub-cultures

6 Results (continued) 2 How IT professionals use WNVAs 10 users; but using either WM or PT or a combination of the two had revealed network vulnerabilities. Lack of a framework for combining the two. Respondents said this could be helpful to increase know-how. ‘Planning’ thought to be helpful, but scarcely anyone does this. (Only 1 of the 10 users has researched a framework.)

7 Results (continued) 3 Possible reasons for IT professionals’ low use of WNVAs Decision-making style, esp Bounded rationality in response to time constraints Secrecy may be provoked by time needed to get support from people who don’t understand WNVA techniques, and who are suspicious of surveillance measures, and lack of perceived need. Could lead to ethical compromises by IT staff.

8 Conclusions Organisational culture may help explain why IT professionals typically don’t use either kind of WNVA or even seem to know about them. ‘Within-culture’ solutions: change security measures and communicate. ‘Change culture’ solutions: reward new behaviour, use stories, use professional identity.

Download ppt "Organisational Factors and Australian IT Professionals’ Views of Wireless Network Vulnerability Assessments Keir Dyce Centre for Research in Computer Security."

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

ETHICAL HACKING A LICENCE TO HACK
4th Module: Information Systems Development and Implementation:

4th Module: Information Systems Development and Implementation:
School of Medicine FACULTY OF MEDICINE AND HEALTH Does interprofessional education and working have any impact on perceptions of professional identity.

School of Medicine FACULTY OF MEDICINE AND HEALTH Does interprofessional education and working have any impact on perceptions of professional identity.
Develop an Information Strategy Plan

Develop an Information Strategy Plan
Qualitative and Observational Research

Qualitative and Observational Research
S-1 SUPERVISION. S-2 Instructional Leadership Development Framework for Data-driven Systems QUALITY STUDENT PERFORMANCE ETHICS AND INTEGRITY Curriculum/Instruction/

S-1 SUPERVISION. S-2 Instructional Leadership Development Framework for Data-driven Systems QUALITY STUDENT PERFORMANCE ETHICS AND INTEGRITY Curriculum/Instruction/
Building Effective Work Teams and Maintaining Morale

Building Effective Work Teams and Maintaining Morale
What Is Organizational Culture?

What Is Organizational Culture?
A Teachers’ Overview of Digital Marketing Education in China Guangzhi Chu Professor of Advertising, Communication University of China Chenyu Li Ph.D. Candidate.

A Teachers’ Overview of Digital Marketing Education in China Guangzhi Chu Professor of Advertising, Communication University of China Chenyu Li Ph.D. Candidate.
Developing management theory One example - Motivation ARBE121 – MANAGEMENT THEORY  Motivation “…internal processes and external forces that direct behaviour.”

Developing management theory One example - Motivation ARBE121 – MANAGEMENT THEORY  Motivation “…internal processes and external forces that direct behaviour.”
DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.

DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.
Perpetuity Research & Consultancy International (PRCI) Ltd www.perpetuitygroup.com Is CCTV working? The effectiveness of CCTV and the British experience.

Perpetuity Research & Consultancy International (PRCI) Ltd Is CCTV working? The effectiveness of CCTV and the British experience.
Decision Making Ch. 7 Management A Practical Introduction

Decision Making Ch. 7 Management A Practical Introduction
Individual Decision Making

Individual Decision Making
Organizational Influences and Life Cycle

Organizational Influences and Life Cycle
© Pearson Education Limited, 20041 Chapter 6 Fact-finding Transparencies.

© Pearson Education Limited, Chapter 6 Fact-finding Transparencies.
Diversity & Inclusion: Fringe or Fundamental? Joint CIPD/Bernard Hodes Research 2012 Dianah Worman OBE CIPD Public Policy Adviser, Diversity.

Diversity & Inclusion: Fringe or Fundamental? Joint CIPD/Bernard Hodes Research 2012 Dianah Worman OBE CIPD Public Policy Adviser, Diversity.
Section 29.2 The Marketing Survey

Section 29.2 The Marketing Survey
Introduction Our Topic: Mobile Security Why is mobile security important?

Introduction Our Topic: Mobile Security Why is mobile security important?
From Conformance to Performance: Using Integrated Risk Management to achieve Organisational Health Ms Stacie Hall Comcover National Manager.

From Conformance to Performance: Using Integrated Risk Management to achieve Organisational Health Ms Stacie Hall Comcover National Manager.

Similar presentations

Ads by Google